I’m trying to configure my application so that the user only gets an MFA_CHALLENGE after they enroll for the first time or if their device changes. I’ve been through the sign-on rules and tried setting this up but haven’t had any luck getting the app to behave this way. Currently it will prompt with every login attempt.
So far I’ve tried adding a new rule to the Sign On Policy at the application level and in the Authentication section. Here’s my configuration:
Hello,
Did you check the Remember Device By Default in your sign on policy? This will automatically check the box ‘Do not challenge me on this device again’ checkbox on the login page. So once the user authenticates on that device with whatever factor they have setup they shouldn’t get prompted again.
If they login in with a different browser/device, then they will get prompted for the factor. Again by default the ‘Do not challenge me on this device again’ checkbox would be checked and that should only be challenged that time on that device.
Yeah, I have checked the “Remember Device by Default” option in the setup. I’ve also set the device to always remember as well:
val verifyRequest = authClient.instantiate(VerifyPassCodeFactorRequest::class.java)
.setPassCode(number)
.setRememberDevice(true)
.setStateToken(it)
I still get the prompt regardless.
So I assume it does work for you from the Okta login page, but you are having issues with one of our java SDKs?
Could you provide the exact SDK and version you are using?
If you could also provide some details on your application and how clients access it that would be helpful.